[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Firewall & Bridge



	I am not sure where to point you for additional information as I 
myself am looking for it... However from what I have been able to ascertain
is that the bridging by-passes the firewall code in the kernel and therefore
requires a patch to make the kernel support bridging firewalls... The problem
I've found is that the only bridging firewall patch I was able to locate from
one of the HOWTOs on bridging+firewall was for a 2.2 kernel using ipchains,
which does no good with a 2.4 kernel using iptables...

	Whether this behaviour of not using the firewall with bridging by
default is the same from 2.2 to 2.4 kernels I haven't been able to determine
but this might give you some idea of where I'm looking for answers...

	Respectfully,
	Jeremy T. Bouse

On Tue, Sep 04, 2001 at 06:25:15PM -0400, Jayson Johnson wrote:
> Hello,
> I know this question has come up here and there, and I am still haveing trouble getting things to work.  
> I am trying to create a bridge that will also filter out packets (tcp's) and redirect them to another location or deny them.
> I can do this in a firewall, and get everything to work, but the trick is, I need them to work with the bridge. 
> I built the bridge and it works great.  I can't get the firewall part working I have went to every bridge/firewall site, tried everything that is suggested, and still can't seem to get the firewall to work.  I do not want to setup the box as a router, because there are several hundred users in various locations, etc, that already have there tcp/ip info setup, and there is not one central place that I can pop the box into, to use as a router.  I want it to be completly transparent.  Any suggestions or help?  I am downloading the latest build of debian, and see if that helps. I am using kernel 2.4.2 now.
> 
> Thanks
> Jayson Johnson
> 



Reply to: